Sun Alert 102846 Security Vulnerability in the Mozilla js_dtoa() Routine May Result in Denial of Service
By security on Apr 17, 2007
A security vulnerability in the Mozilla (see mozilla(1)) js_dtoa() function may cause the Mozilla application to crash if a user views a web page, mail message, or newsgroup message when certain plugins are installed. The ability of a remote user who creates such a web page, mail message, or newsgroup post to cause the Mozilla application to crash is a type of Denial of Service.
This issue is described in the following documents:
CVE-2006-6499 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6499
CERT VU#427972 at http://www.kb.cert.org/vuls/id/427972